cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-20898,https://securityvulnerability.io/vulnerability/CVE-2025-20898,Improper Input Validation in Samsung Members Affects User Data Privacy,"A vulnerability in Samsung Members prior to version 5.2.00.12 allows physical attackers to exploit improper input validation, granting them unauthorized access to sensitive data across multiple user profiles. This flaw raises significant privacy concerns, emphasizing the need for updated software to protect user information from potential threats.",Samsung,Samsung Members,4.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:46.159Z,0
CVE-2023-30703,https://securityvulnerability.io/vulnerability/CVE-2023-30703,Improper URL Validation in Samsung Members Software,"An improper URL validation vulnerability exists in Samsung Members, allowing unauthorized access to sensitive information for users prior to version 14.0.07.1. This security flaw highlights the importance of robust validation mechanisms to protect user data from malicious exploitation.",Samsung,Samsung Members,3.3,LOW,0.0006399999838322401,false,,false,false,false,,,false,false,,2023-08-10T02:15:00.000Z,0
CVE-2022-36877,https://securityvulnerability.io/vulnerability/CVE-2022-36877,Sensitive Information Exposure in Samsung Members App,"The Samsung Members application prior to specified versions is susceptible to a vulnerability that allows local attackers to exploit the FaqSymptomCardViewModel component. This flaw can result in the unintentional exposure of sensitive device identification information through application logs, potentially threatening user privacy and security. It is crucial for users and administrators to update to the latest versions to mitigate this risk.",Samsung,Samsung Members,2.8,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-09-09T14:39:57.000Z,0
CVE-2022-30748,https://securityvulnerability.io/vulnerability/CVE-2022-30748,Dynamic Receiver Vulnerability in Samsung Members Prior to Version 4.2.005,"The unprotected dynamic receiver in Samsung Members, prior to version 4.2.005, allows attackers to initiate arbitrary activities within the application. This presents a security risk by enabling unauthorized actions, potentially leading to exposure of sensitive user data or disruption of app functionality.",Samsung,Samsung Members,4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-06-07T18:21:02.000Z,0
CVE-2022-28777,https://securityvulnerability.io/vulnerability/CVE-2022-28777,Improper Access Control in Samsung Members Application,"An improper access control vulnerability exists in the Samsung Members application, allowing a local attacker to execute call functions without the necessary CALL_PHONE permissions. This flaw affects versions prior to 13.6.08.5, posing a risk to users due to potential unauthorized call actions. It is essential for users of the Samsung Members app to update to the latest version to mitigate this vulnerability.",Samsung,Samsung Members,4.3,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-11T19:37:44.000Z,0
CVE-2021-25439,https://securityvulnerability.io/vulnerability/CVE-2021-25439,,"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.",Samsung,Samsung Members,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-08T13:47:58.000Z,0
CVE-2021-25438,https://securityvulnerability.io/vulnerability/CVE-2021-25438,,"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.",Samsung,Samsung Members,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-08T13:47:18.000Z,0
CVE-2021-25432,https://securityvulnerability.io/vulnerability/CVE-2021-25432,,"Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data.",Samsung,Samsung Members,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-08T13:45:43.000Z,0
CVE-2021-25374,https://securityvulnerability.io/vulnerability/CVE-2021-25374,,"An improper authorization vulnerability in Samsung Members ""samsungrewards"" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.",Samsung,Samsung Members,8.6,HIGH,0.0031300000846385956,false,,false,false,true,2021-04-10T09:23:52.000Z,true,false,false,,2021-04-09T17:38:29.000Z,0
CVE-2021-25343,https://securityvulnerability.io/vulnerability/CVE-2021-25343,,Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.,Samsung,Samsung Members,4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-03-04T21:03:38.000Z,0
CVE-2018-11614,https://securityvulnerability.io/vulnerability/CVE-2018-11614,,This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Intents. The issue lies in the ability to send an Intent that would not otherwise be reachable. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5361.,Samsung,Samsung Members,8.8,HIGH,0.0013200000394135714,false,,false,false,false,,,false,false,,2018-09-24T23:29:00.000Z,0